On 12/11/2019 16:19, Maxime Coquelin wrote:
> vhost_user_set_vring_num() performs multiple allocations
> without checking whether data were previously allocated.
>
> It may cause a denial of service because of the memory leaks
> that happen if a malicious vhost-user master keeps sending
> VHOST_USER_SET_VRING_NUM request until the slave runs out
> of memory.
>
> This issue has been assigned CVE-2019-14818
>
> Fixes: b0a985d1f340 ("vhost: add dequeue zero copy")
>
> Reported-by: Jason Wang <[email protected]>
> Signed-off-by: Maxime Coquelin <[email protected]>
Applied, thanks.
--
David Marchand
